[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.26' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 69.906597][ T7026] ==================================================================
[ 69.914919][ T7026] BUG: KASAN: null-ptr-deref in choke_reset+0x208/0x340
[ 69.921859][ T7026] Write of size 8 at addr 0000000000000000 by task syz-executor972/7026
[ 69.930174][ T7026]
[ 69.932496][ T7026] CPU: 0 PID: 7026 Comm: syz-executor972 Not tainted 5.7.0-rc1-syzkaller #0
[ 69.941203][ T7026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 69.951352][ T7026] Call Trace:
[ 69.954649][ T7026] dump_stack+0x188/0x20d
[ 69.958981][ T7026] ? choke_reset+0x208/0x340
[ 69.963561][ T7026] __kasan_report.cold+0x5/0x4d
[ 69.968405][ T7026] ? choke_reset+0x208/0x340
[ 69.972992][ T7026] ? choke_reset+0x208/0x340
[ 69.977583][ T7026] kasan_report+0x33/0x50
[ 69.981916][ T7026] check_memory_region+0x141/0x190
[ 69.987030][ T7026] memset+0x20/0x40
[ 69.990826][ T7026] choke_reset+0x208/0x340
[ 69.995233][ T7026] ? choke_destroy+0x40/0x40
[ 69.999810][ T7026] qdisc_reset+0x6b/0x520
[ 70.004148][ T7026] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 70.010389][ T7026] dev_deactivate_many+0xe2/0xba0
[ 70.015399][ T7026] ? __is_module_percpu_address+0x257/0x350
[ 70.021281][ T7026] dev_deactivate+0xf8/0x1c0
[ 70.025857][ T7026] ? dev_deactivate_many+0xba0/0xba0
[ 70.031124][ T7026] ? is_dynamic_key+0x12a/0x1a0
[ 70.036832][ T7026] ? choke_dequeue+0x4b0/0x4b0
[ 70.041598][ T7026] qdisc_graft+0xd25/0x1120
[ 70.046112][ T7026] ? tc_dump_tclass+0x480/0x480
[ 70.050947][ T7026] ? tc_get_qdisc+0xaf0/0xaf0
[ 70.055606][ T7026] ? nla_memcpy+0xa0/0xa0
[ 70.059923][ T7026] ? ns_capable_common+0xe2/0x100
[ 70.064945][ T7026] tc_modify_qdisc+0xbab/0x1a00
[ 70.069822][ T7026] ? qdisc_create+0x1140/0x1140
[ 70.074678][ T7026] ? mutex_trylock+0x2c0/0x2c0
[ 70.079430][ T7026] ? find_held_lock+0x2d/0x110
[ 70.084208][ T7026] ? qdisc_create+0x1140/0x1140
[ 70.089042][ T7026] rtnetlink_rcv_msg+0x44e/0xad0
[ 70.093971][ T7026] ? rtnl_bridge_getlink+0x870/0x870
[ 70.099260][ T7026] ? lock_acquire+0x1f2/0x8f0
[ 70.103966][ T7026] ? netlink_deliver_tap+0x146/0xb50
[ 70.109373][ T7026] netlink_rcv_skb+0x15a/0x410
[ 70.114220][ T7026] ? rtnl_bridge_getlink+0x870/0x870
[ 70.119507][ T7026] ? netlink_ack+0xa10/0xa10
[ 70.124103][ T7026] netlink_unicast+0x537/0x740
[ 70.128863][ T7026] ? netlink_attachskb+0x810/0x810
[ 70.133974][ T7026] ? _copy_from_iter_full+0x25c/0x870
[ 70.139343][ T7026] ? __phys_addr_symbol+0x2c/0x70
[ 70.144360][ T7026] ? __check_object_size+0x171/0x437
[ 70.149643][ T7026] netlink_sendmsg+0x882/0xe10
[ 70.154418][ T7026] ? aa_af_perm+0x260/0x260
[ 70.158913][ T7026] ? netlink_unicast+0x740/0x740
[ 70.163845][ T7026] ? netlink_unicast+0x740/0x740
[ 70.168770][ T7026] sock_sendmsg+0xcf/0x120
[ 70.173187][ T7026] ____sys_sendmsg+0x6bf/0x7e0
[ 70.177945][ T7026] ? print_usage_bug+0x240/0x240
[ 70.182879][ T7026] ? kernel_sendmsg+0x50/0x50
[ 70.187819][ T7026] ___sys_sendmsg+0x100/0x170
[ 70.192522][ T7026] ? sendmsg_copy_msghdr+0x70/0x70
[ 70.197725][ T7026] ? mark_held_locks+0xe0/0xe0
[ 70.202490][ T7026] ? __this_cpu_preempt_check+0x28/0x190
[ 70.208140][ T7026] ? percpu_counter_add_batch+0x123/0x180
[ 70.213874][ T7026] ? find_held_lock+0x2d/0x110
[ 70.218631][ T7026] ? __fd_install+0x1b4/0x600
[ 70.223293][ T7026] ? lock_downgrade+0x840/0x840
[ 70.228140][ T7026] ? __fget_light+0x1ab/0x270
[ 70.232899][ T7026] __sys_sendmsg+0xec/0x1b0
[ 70.237393][ T7026] ? __sys_sendmsg_sock+0xb0/0xb0
[ 70.242479][ T7026] ? trace_hardirqs_off_caller+0x55/0x230
[ 70.248219][ T7026] ? do_syscall_64+0x21/0x7d0
[ 70.252930][ T7026] do_syscall_64+0xf6/0x7d0
[ 70.257428][ T7026] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 70.263306][ T7026] RIP: 0033:0x441499
[ 70.267284][ T7026] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 70.287043][ T7026] RSP: 002b:00007ffd57594d78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 70.295457][ T7026] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441499
[ 70.303429][ T7026] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 70.311451][ T7026] RBP: 00000000000110ee R08: 00000000004002c8 R09: 00000000004002c8
[ 70.319427][ T7026] R10: 00000000004002c8 R11: 0000000000000246 R12: 00000000004022c0
[ 70.327391][ T7026] R13: 0000000000402350 R14: 0000000000000000 R15: 0000000000000000
[ 70.335477][ T7026] ==================================================================
[ 70.344075][ T7026] Disabling lock debugging due to kernel taint
[ 70.350275][ T7026] Kernel panic - not syncing: panic_on_warn set ...
[ 70.356964][ T7026] CPU: 0 PID: 7026 Comm: syz-executor972 Tainted: G B 5.7.0-rc1-syzkaller #0
[ 70.367293][ T7026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.377346][ T7026] Call Trace:
[ 70.380636][ T7026] dump_stack+0x188/0x20d
[ 70.384957][ T7026] panic+0x2e3/0x75c
[ 70.388864][ T7026] ? add_taint.cold+0x16/0x16
[ 70.393530][ T7026] ? retint_kernel+0x2b/0x2b
[ 70.398117][ T7026] ? choke_reset+0x208/0x340
[ 70.402763][ T7026] ? trace_hardirqs_on+0x55/0x220
[ 70.407980][ T7026] ? choke_reset+0x208/0x340
[ 70.412563][ T7026] end_report+0x4d/0x53
[ 70.416764][ T7026] __kasan_report.cold+0xd/0x4d
[ 70.421611][ T7026] ? choke_reset+0x208/0x340
[ 70.426221][ T7026] ? choke_reset+0x208/0x340
[ 70.430799][ T7026] kasan_report+0x33/0x50
[ 70.435132][ T7026] check_memory_region+0x141/0x190
[ 70.440238][ T7026] memset+0x20/0x40
[ 70.444038][ T7026] choke_reset+0x208/0x340
[ 70.448455][ T7026] ? choke_destroy+0x40/0x40
[ 70.453056][ T7026] qdisc_reset+0x6b/0x520
[ 70.457382][ T7026] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 70.463622][ T7026] dev_deactivate_many+0xe2/0xba0
[ 70.468635][ T7026] ? __is_module_percpu_address+0x257/0x350
[ 70.474529][ T7026] dev_deactivate+0xf8/0x1c0
[ 70.479235][ T7026] ? dev_deactivate_many+0xba0/0xba0
[ 70.484561][ T7026] ? is_dynamic_key+0x12a/0x1a0
[ 70.489401][ T7026] ? choke_dequeue+0x4b0/0x4b0
[ 70.494153][ T7026] qdisc_graft+0xd25/0x1120
[ 70.498648][ T7026] ? tc_dump_tclass+0x480/0x480
[ 70.503481][ T7026] ? tc_get_qdisc+0xaf0/0xaf0
[ 70.508157][ T7026] ? nla_memcpy+0xa0/0xa0
[ 70.512584][ T7026] ? ns_capable_common+0xe2/0x100
[ 70.517722][ T7026] tc_modify_qdisc+0xbab/0x1a00
[ 70.522711][ T7026] ? qdisc_create+0x1140/0x1140
[ 70.527596][ T7026] ? mutex_trylock+0x2c0/0x2c0
[ 70.532401][ T7026] ? find_held_lock+0x2d/0x110
[ 70.537165][ T7026] ? qdisc_create+0x1140/0x1140
[ 70.542150][ T7026] rtnetlink_rcv_msg+0x44e/0xad0
[ 70.547152][ T7026] ? rtnl_bridge_getlink+0x870/0x870
[ 70.552435][ T7026] ? lock_acquire+0x1f2/0x8f0
[ 70.557108][ T7026] ? netlink_deliver_tap+0x146/0xb50
[ 70.562515][ T7026] netlink_rcv_skb+0x15a/0x410
[ 70.567275][ T7026] ? rtnl_bridge_getlink+0x870/0x870
[ 70.572726][ T7026] ? netlink_ack+0xa10/0xa10
[ 70.577314][ T7026] netlink_unicast+0x537/0x740
[ 70.582418][ T7026] ? netlink_attachskb+0x810/0x810
[ 70.587531][ T7026] ? _copy_from_iter_full+0x25c/0x870
[ 70.592910][ T7026] ? __phys_addr_symbol+0x2c/0x70
[ 70.597926][ T7026] ? __check_object_size+0x171/0x437
[ 70.603200][ T7026] netlink_sendmsg+0x882/0xe10
[ 70.607951][ T7026] ? aa_af_perm+0x260/0x260
[ 70.612433][ T7026] ? netlink_unicast+0x740/0x740
[ 70.617402][ T7026] ? netlink_unicast+0x740/0x740
[ 70.622320][ T7026] sock_sendmsg+0xcf/0x120
[ 70.626717][ T7026] ____sys_sendmsg+0x6bf/0x7e0
[ 70.631472][ T7026] ? print_usage_bug+0x240/0x240
[ 70.636477][ T7026] ? kernel_sendmsg+0x50/0x50
[ 70.641142][ T7026] ___sys_sendmsg+0x100/0x170
[ 70.645811][ T7026] ? sendmsg_copy_msghdr+0x70/0x70
[ 70.650901][ T7026] ? mark_held_locks+0xe0/0xe0
[ 70.655648][ T7026] ? __this_cpu_preempt_check+0x28/0x190
[ 70.661258][ T7026] ? percpu_counter_add_batch+0x123/0x180
[ 70.667015][ T7026] ? find_held_lock+0x2d/0x110
[ 70.671769][ T7026] ? __fd_install+0x1b4/0x600
[ 70.676593][ T7026] ? lock_downgrade+0x840/0x840
[ 70.681544][ T7026] ? __fget_light+0x1ab/0x270
[ 70.686295][ T7026] __sys_sendmsg+0xec/0x1b0
[ 70.690791][ T7026] ? __sys_sendmsg_sock+0xb0/0xb0
[ 70.695800][ T7026] ? trace_hardirqs_off_caller+0x55/0x230
[ 70.701545][ T7026] ? do_syscall_64+0x21/0x7d0
[ 70.706211][ T7026] do_syscall_64+0xf6/0x7d0
[ 70.710696][ T7026] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 70.716567][ T7026] RIP: 0033:0x441499
[ 70.720443][ T7026] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 70.740145][ T7026] RSP: 002b:00007ffd57594d78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 70.748541][ T7026] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441499
[ 70.756556][ T7026] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 70.764519][ T7026] RBP: 00000000000110ee R08: 00000000004002c8 R09: 00000000004002c8
[ 70.772479][ T7026] R10: 00000000004002c8 R11: 0000000000000246 R12: 00000000004022c0
[ 70.780505][ T7026] R13: 0000000000402350 R14: 0000000000000000 R15: 0000000000000000
[ 70.790004][ T7026] Kernel Offset: disabled
[ 70.794344][ T7026] Rebooting in 86400 seconds..